Scattered Spider

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides Read More …

Zimbra 0-day used to target international government organizations

In June 2023, Google’s Threat Analysis Group (TAG) discovered an in-the-wild 0-day exploit targeting Zimbra Collaboration, an email server many organizations use to host their email. Since discovering the 0-day, now patched as CVE-2023-37580, TAG has observed four different groups Read More …

Enhancing Computer Security for Nuclear Safety and Security

Nuclear safety and nuclear security share the same objective and vision: to protect individuals, societies and the environment from the potential harmful effects of ionizing radiation. Though the activities that address nuclear safety and nuclear security are different, it is Read More …

Europol and Eurojust support Czech and Ukrainian police in taking down multi-million euro voice phishing gang

The Czech and Ukrainian police have disrupted, with the support of Europol and Eurojust, a prolific phishing gang believed to have defrauded victims across Europe of tens of millions of euros. In Czechia alone, the damage caused by this criminal Read More …

Investigating the New Rhysida Ransomware

The Rhysida group was first identified in May 2023, when they claimed their first victim. This group deploys a ransomware variant known as Rhysida and also offers it as Ransomware-as-a-service (RaaS). The group has listed around 50 victims so far Read More …

9 million patients had data stolen after US medical transcription firm hacked

Close to nine million patients had highly sensitive personal and health information stolen during a cyberattack on a U.S. medical transcription service earlier this year, representing one of the worst medical-related data breaches in recent times. The medical transcription company, Read More …

Update now! Microsoft patches 3 actively exploited zero-days

Another important update round for this month’s Patch Tuesday. Microsoft has patched a total of 63 vulnerabilities in its operating systems. Five of these vulnerabilities qualify as zero-days, with three listed as being actively exploited. Microsoft considers a vulnerability to Read More …

Executing from Memory Using ActiveMQ CVE-2023-46604

Huntress Labs, Rapid7, and ArticWolf all recently published reports of threat actors exploiting ActiveMQ CVE-2023-46604 to drop ransomware onto the victim host. The attackers used CVE-2023-46604 to invoke cmd.exe followed by curl.exe or msiexec.exe in order to download and execute Read More …

#StopRansomware: Rhysida Ransomware

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the MultiState Information Sharing and Analysis Center (MS-ISAC) are releasing this joint CSA to disseminate known Rhysida ransomware IOCs and TTPs identified through investigations as recently as Read More …